Hi there,

I'm terribly new to this, and am interested in getting started with a reseller account.

Would like to ask - just how important is having ssh access to the servers, and being able to provide that to my customers? Whats good, whats bad - or should I overlook accounts that don't provide it? (If I did have it, it will be enabled upon request, and not by default).

Also, I've seen several reseller accounts who say that I will have 1 (or more) dedicated ip address (and others who don't provide any). Just how useful are these, and what can I do with them?

What other questions should I be asking, before taking out an account?

Offers via PM, currently I'm looking to find somewhere with 1G of storage, and 10G of traffic; with the usual features. My budget is USD$15 (+/- $5).

Am presently considering resellerspace & ehostpros.

Thanks!

SSH is pretty important when it comes to installing scripts, etc., and many customers can feel a package is not complete without SSH access. Overall I think it's pretty important to a fair proportion of customers that they have SSH access.

You will need 2 dedicated IPs to register your nameservers on, and other dedicated IPs if you intend on installing a SSL cert on an account. Other than that, shared IPs are fine all other accounts.

I do not think that SSH is very important on a hosting account as you would not be doing any work on the server config files or compiling programs.

A shared hosting client should not have any problems what so ever working with scripts via FTP.

Giving people access to your server that you do not know opens up a whole new can of worms.

Originally posted by Weberz
I do not think that SSH is very important on a hosting account as you would not be doing any work on the server config files or compiling programs.

A shared hosting client should not have any problems what so ever working with scripts via FTP.

Giving people access to your server that you do not know opens up a whole new can of worms.

SSH is often very important for installing CGI / Perl scripts.

Offered properly, whereby you require authorisation before SSH access is granted, and if you offer a more secure version of it, I don't see a problem.
If a user wants to do damage to your server, it's just as easy to upload a malicious fork script via FTP, set cron jobs for it to run very often, and the server is down.

Matt

The only way to import mysql database that is over 1meg is only by SHH/Telnet right? because you cant upload to phpadmin because a 1 meg file by http upload will time out.

Is there any other way to import big databases besides uploading by ftp then SHH/Telnet and the mysql command.. :?

How important is SSH?

SSH is secure - it protects against a wide variety of potential security breaches. It solves the most important security problem on the Internet: hackers stealing passwords.
Interoperability - there are a wide variety of SSH clients that run on Linux, Macintosh, UNIX, Windows and OpenVMS (some are freeware) that work with the Process Software SSH server. Also, a user can select from a wide variety ciphers to use for strong encryption.


Support for X-11 Forwarding - provides an encrypted X-11 display
SSH is a flexible protocol - using the port forwarding feature, any application that has a static port assignment, such as POP, SMTP, and Oracle database connections can be encrypted. A systems administrator may only choose to encrypt his telnet session and not POP.
End-to-end security - SSH encrypts the connection from the source system to its destination. This provides security on the public and internal corporate network. It can also restrict the user from accessing any other system on the internal network other then the target system.
SSH v2 will be an IETF standard and SSH v1 is a de-facto standard for encrypted terminal connections and secure file transfers.

Try doing the above with FTP

Originally posted by cactus
How important is SSH?

SSH is secure - it protects against a wide variety of potential security breaches. It solves the most important security problem on the Internet: hackers stealing passwords.
Interoperability - there are a wide variety of SSH clients that run on Linux, Macintosh, UNIX, Windows and OpenVMS (some are freeware) that work with the Process Software SSH server. Also, a user can select from a wide variety ciphers to use for strong encryption.



Try doing the above with FTP

I understand what SSH is and what it can be used for.

I even offer SSH access. I just do not feel like it is necassary for hosting.

Originally posted by Weberz
I do not think that SSH is very important on a hosting account as you would not be doing any work on the server config files or compiling programs.

A shared hosting client should not have any problems what so ever working with scripts via FTP.

Giving people access to your server that you do not know opens up a whole new can of worms.

Well written, well said. :)

i understand SSH is required when i want to install some programs/ scripts. Some scripts i've seen don't work when u transfer over by FTP. But through SSH if u untar it.. then its runs perfect.

Well SSH can be closed by default, and be given only on request as Voxtreme.com does.

cheers :)

This is what I do as well.

No offense Weberz, my post was not intended to down grade any hosts for that matter that do not offer SSH to it's clients as default. If you feel that it's unsafe to offer it, so be it. Let clients be the judge of your actions.

I just want to make it clear to the thread starter the advatanges of SSH that you can't with FTP and it doesn't have to be that bad offering SSH as default if you know what you are doing and can manage the security side of it.

As I have said, I am not questioning your capabilities and abilities, I am just giving my opinion. SSH is a useful tool to those that use it and it isn't any risk as a simple knife that you have in your home. The knife is an essential tool if used but if can also be a weapon to kill in the wrong hands.

Try restricting or eliminating knivies from the home for a while and you will understand, likewise, SSH is also an essential tool in servers, to restrict or eliminating it's use or assuming that shared hosting clients do not utilise it will be too naive in my opinion. It only shows or reflects on the Host's ignorance on the use of SSH.

Regards.

Originally posted by cactus
It only shows or reflects on the Host's ignorance on the use of SSH.

them's fight'n words

How many strangers do you allow into the security of your home with you and your family with a potentially dangerous knife?

Strangers??? What are you talking about? It's your clients that you are letting into your server and in your home we are talking family members, not any strangers or hacker into your server.

Originally posted by cactus
Strangers??? What are you talking about? It's your clients that you are letting into your server and in your home we are talking family members, not any strangers or hacker into your server.

No offense but that is naive!!!!
I understand your logic, however you can't just trust everyone off the bat!!!! Your setting yourself up for a major fall!!!! IMHO

How many of your clients do you personally know?

How many fresh signups that you activate on your servers do you know the alterior motives of?

That is my definition of a stranger on your server.

But hey it is your servers.

Let face it allowing ssh access to your server would cut down on less support for most webhosts so that they can go to school and out with their friends instead fo focusing on their business.

If I have a client that wants to add a large db then all they have to do is upload it on the server and I will be more than happy to do so for them.

Just how many clients do you have that are familiar with command linke mysql syntax?

So other than the db issue what are other valid reasons (not that that is valid as it is not) do you have for allowing strangers to log into your server and traverse the directory structure? Viewing files etc?

I am really interested in your justifications other than not having to provide support for db's.

I hope you have a great day!

:D

How about cgi scripts that emulate telnet?
:D

Tracy,

SSH access, managed correctly, is no more dangerous than granting FTP access.

I think your comments about allowing SSH access so webhosts can spend more time to go to school and play with their friends undermines your argument - yes, SSH access can cut down on a few support requests, but surely this is more economical for the host, and is a business benefit?

Originally posted by Walter
How about cgi scripts that emulate telnet?
:D

I ran into that the other day.

Best left unspoken about I feel

In addition, if you have PostSentry installed on your server and have it emailed to you the unauthorized hackers try to gain access to your server via FTP you will shudder, then you will know and have nightmares to worry about and think of how to secure your server's FTP(ProFTPD).

Matt,

I understand the advantages of SSH.

I understand that FTP access is not much better. The subject of this thread was "How important is SSH".

In my first comment I merely stated that is was not important.

I operate via SSH alot. I configure my scripts via ssh instead of editing them on my workstation and then uploading them to the server. I guess that is just where I feel more comfortable.

This is a general question for the readers of this thread.

For a shared hosting client, what could you do with SSH that you would not be able to do with FTP?

SSH is not and should not be important to most users, why do they need it? In most cases your users are publishing web sites not building and installing applications.

Some users need it, and if they ask for it they generally should have the access right? Yes and no.

Lets start with security. Okay, most things can be done via cgi right? Not necessarily if you are using suexec or some other cgi wrapper. Cron jobs is another issue, and should be of some concern. Bottom line, a malicious user will likely cause problems. When they start, supsend them, remove them, and keep their money (they broke the rules).

Now on to a rather forgotten aspect of providing SSH aspect to your users. Bandwidth usage. How do you measure it? Well, quite simply, you do not. I had one user log in via SSH and proceed to FTP from the shell account to another server and transfer 700 MB in uncompressed tar files. That was frustrating, considering the potential risk here. But if you give the access you cannot really punish them for it can you? It isn't their problem you cannot track the bandwidth, it's yours.

Now on to a pet peeve of mine. Why not offer telnet access as well as SSH? Because the passwords are transmitted in clear text? Often times (more often than not) these very same passwords make their way over the network for POP3 and/or FTP access in clear text anyway. The sad thing is that most users hear how insecure telnet is and if you enable it on your server they think your an idiot. Oh well.

That's my take. Offer it to those who need it, specifically those you believe you can trust. Keep a close eye on things, that is your job as a server administrator. If things get out of hand, take care of it. Deal with it. It's life. Most people don't need SSH but will ask for it anyway, so be it. Most of those same people will log in, type "ls" and then type "exit" and never log in again.

Now to answer Tracy's question:For a shared hosting client, what could you do with SSH that you would not be able to do with FTP?
Answer:Use up lots of untraceable bandwidth and load my 2MB database into MySQL without waiting for you!

Agree with Tracy,

You cannot just open up your server, as an open invitation to addon to your problems. Its like potential holes left open in your server. Is it good fewer holes or wHoled up server?
Server maybe open to many more breaches, but avoiding some known things is always better.
If explained nicely, you clients will also understand and appreciate. IMO :)

good points DizixCom
SSH: Use up lots of untraceable bandwidth
but wait... before anyone read this, i should ask for my SSH from Matt & Tracy first :D

WE do not allow SSH atall on both reseller and shared hosting.

We get only 1 request a week from potential customers and 1 month from current customers.
Big DB's or other script which needs SSH we do it for them and all stay happy :D

SSH can also increase load on servers slightly. Think about a server with 100 clients all with SSH and lets say for some reason most do "top" at same time :D

Business is not affected by not giving SSH.
Just my opinion fellows :D

-Rupi

People with SSH on our servers aren't strangers. We know their face, their address - even their height, weight and blood group in some cases :D Why? They all provide photo ID before access is granted. They're made aware that SSH is a responsibility, not a right, and that they're being watched.

Most people don't need it, few will ask for it, but we give it to those that ask - once they scan their ID and e-mail it to us. Some people just prefer to use it over ftp (I know one customer who's home desktop doesn't even have a GUI - he runs straight linux command line and checks his e-mail through pine.)

We have great customers - not a brag, just a fact. We've had no trouble with those guys who use SSH. If we ever do they're aware that we'll come down like a mountain on them.

Greg Moore

Originally posted by akashik
People with SSH on our servers aren't strangers. We know their face, their address - even their height, weight and blood group in some cases :D Why? They all provide photo ID before access is granted. They're made aware that SSH is a responsibility, not a right, and that they're being watched.

Most people don't need it, few will ask for it, but we give it to those that ask - once they scan their ID and e-mail it to us. Some people just prefer to use it over ftp (I know one customer who's home desktop doesn't even have a GUI - he runs straight linux command line and checks his e-mail through pine.)

We have great customers - not a brag, just a fact. We've had no trouble with those guys who use SSH. If we ever do they're aware that we'll come down like a mountain on them.

Greg Moore

New Policy at Weberz.

Photo ID for SSH.

You handle SSH very very well, I like that.

Originally posted by Weberz


I understand what SSH is and what it can be used for.

I even offer SSH access. I just do not feel like it is necassary for hosting.
Wow, Tracy! I'm shocked at your viewpoint. I'd be lost without SSH. Even in a shared hosting environment, I like to install, config & compile modules in my local directories sometimes. Also, many other things are done faster and easier through SSH. If a user is into CGI at all, they will probably want SSH.

Hello,

I grant SSH access to my customers case by case after they have described their needs.

I myself move files between my servers regularly (tar, wget, ftp), dump and restore databases, check uptime and load, ping test etc.

Most of the time users need it to be able to move their sites to my server or out of my server. Sometimes for dumping and restoring databases.

But generally I feel better if the customer is with me for at least a month and I know his behaviour and I know what is his website about.

Mac